CVE-2024-9466 - Vulnerability Details

A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact High

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.09128.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Paloaltonetworks	Expedition

Configuration 1 [-]

cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://security.paloaltonetworks.com/PAN-SA-2024-0010
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

History

Thu, 04 Sep 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 15 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.08199}`	epss `{'score': 0.08687}`

Fri, 18 Oct 2024 12:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:paloaltonetworks:expedition:1.2.0:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.10:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.11:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.12:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.13:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.14:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.15:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.16:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.17:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.18:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.19:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.20:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.21:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.22:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.23:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.24:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.25:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.26:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.28:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.29:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.2:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.30:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.31:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.32:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.33:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.34:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.35:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.36:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.37:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.38:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.39:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.3:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.40:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.41:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.42:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.43:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.44:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.45:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.46:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.47:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.48:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.49:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.4:2:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.50:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.51:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.52:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.53:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.54:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.55:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.56:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.57:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.58:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.59:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.5:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.60:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.61:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.62:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.63:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.64:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.65:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.66:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.67:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.68:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.69:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.6:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.70:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.71:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.72:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.73:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.74:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.75:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.76:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.77:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.78:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.79:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.7:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.80:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.81:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.82:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.83:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.84:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.85:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.86:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.87:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.88:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.89:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.8:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.90:1:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.91:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.92:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.93:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.94:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.95:-:::::: cpe:2.3:a:paloaltonetworks:expedition:1.2.9:-::::::

Thu, 17 Oct 2024 05:45:00 +0000

Type	Values Removed	Values Added
References		https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Tue, 15 Oct 2024 15:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-312
Metrics		cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}`

Fri, 11 Oct 2024 21:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Paloaltonetworks Paloaltonetworks expedition
CPEs		cpe:2.3:a:paloaltonetworks:expedition::::::::
Vendors & Products		Paloaltonetworks Paloaltonetworks expedition
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 09 Oct 2024 22:45:00 +0000

Type	Values Removed	Values Added
Title	Expedition: Cleartext Storage of Information Leads to Firewall Admin Account Takeover	Expedition: Cleartext Storage of Information Leads to Firewall Admin Credential Disclosure
Metrics	cvssV4_0 `{'score': 8.2, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red'}`	cvssV4_0 `{'score': 8.2, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber'}`

Wed, 09 Oct 2024 17:15:00 +0000

Type	Values Removed	Values Added
Description		A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.
Title		Expedition: Cleartext Storage of Information Leads to Firewall Admin Account Takeover
Weaknesses		CWE-532
References		https://security.paloaltonetworks.com/PAN-SA-2024-0010
Metrics		cvssV4_0 `{'score': 8.2, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red'}`

MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2024-10-09T17:04:36.252Z

Updated: 2025-09-04T15:09:40.127Z

Reserved: 2024-10-03T11:35:13.454Z

Link: CVE-2024-9466

Vulnrichment

Updated: 2024-10-10T17:37:07.059Z

NVD

Status : Modified

Published: 2024-10-09T17:15:20.400

Modified: 2024-10-17T06:15:04.720

Link: CVE-2024-9466

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact High

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object